ISO 9001:2015 Draft BY QI organization June 2014 Introduction • Purpose of the session • New standard main elements • The high structure context • Review main body.
Download ReportTranscript ISO 9001:2015 Draft BY QI organization June 2014 Introduction • Purpose of the session • New standard main elements • The high structure context • Review main body.
Slide 1
ISO 9001:2015
Draft
BY
QI organization
June 2014
Slide 2
Introduction
• Purpose of the session
• New standard main elements
• The high structure context
• Review main body of the draft
• The different between the ISO 9001:2008 and CD ISO 9001:2105
Slide 3
Purpose of the session
• To review the new draft for ISO 9001:2015 and discuss the
implementation of the new standard
• To have open discussion and exchange idea about the
implementation requirements in the Egyptian market
• To discuss the required qualification of the auditors and the
consultants
• How to improve the current QMS to comply with the new
requirements
Slide 4
New standard new elements
1.
2.
3.
4.
Scope
Normative references
Terms and definitions
Context of the organization
• Understanding the organization
and its context
• Needs and requirements
• Scope
• Management System
5. Leadership
• General
• Management commitment
• Policy
• Roles, responsibility and
authority
6. Planning
• Actions to address risks &
opportunities
• Objectives and plans to achieve
them
7. Support
• Resources
• Competence
• Awareness
• Communication
• Documented information
8. Operation
• Operational planning and
control
9. Performance evaluation
• Monitoring, measurement,
analysis & evaluation
• Internal audit
• Management review
10. Improvement
• Non conformity and corrective
action
• Continual Improvement
Slide 5
0.1 General
• Brief about the committee draft , the CD version is not the final ISO
9001:2015 standard , the final draft may include or may not include
the given modification
Slide 6
0.2 Annex SL
• Annex SL appendix 2 set out the high level structure , identical core
text and common terms and core definitions that are to form , when
possible , the nucleus of future and revised management system
standard such as ISO 9001.
• All MSS shall , in principle use consistent structure , common text
and terminology so that they are easy to use and compliable with
each other
Slide 7
0.3 significant changes
• Redrafting to make the standard more generic and more easily
applicable by service industries. (product goods & services)
• Context (framework & environment) of organization
•
•
•
•
4.1 understanding the organization and its context
4.2 understanding the needs and expectations of interested parties
4.4.2 Process approach
4.1 Risk and 6.1 preventive action (there is no requirement for formal risk
management)
• Documented information .(document and records documented
information)
• 8.6 Control of external provision of goods and services
Slide 8
1 scope
• Used by organization to demonstrate its ability to provide goods and
services that meets customer and legal and other requirements and
to improve the customer satisfaction as well as the conformity with
legal and other requirements
Slide 9
2 Normative references
• ISO 9000:2015
Slide 10
3 terms and definitions
• Give definitions that apply to the standard about 22 terms , such as
organization ,requirements , policy, objective , documented
information etc.
Slide 11
4 context of the organization
• 4.1 understanding the organization and its context
• Organization Shall
• determined External & internal issues affect to achieve the outcome and
consider :
• Change and trend impacts on objectives
• Relationships with, and perceptions and values of relevant
interested parties
• Governance issues , strategic priorities , internal policies and
commitment
• resource availability and technological change
• Update such determination when needed
Slide 12
4.2 understanding the needs and expectations
of interested parties
• The organization shall determined
• The relevant interested parties such as (direct customer , end-user, supply
chain , regulator and any others)
• The requirements of these interested parties
• Update these needs
Slide 13
4.3 determining the scope of the quality
management system
• The organization shall determined
• Boundary
• Applicability of the QMS
• Requirement of 4.1 and 4.2
• Scope shall be documented information
• Exclusion from the standard only apply to clauses 7.1.4 and 8
• Exclusion shall be documented and justified
Slide 14
4.4 Quality management system
ISO 9001:2008 C4.1
• 4.4.1 general
• The organization shall establish , implement and maintain and improve its
QMS
• 4.4.2 Process approach
• Organization shall determined:
•
•
•
•
•
•
Processes needed, Input , output , resources , control for identified processes
Processes interactions
Risks to conformity (goods, services and in-effective interaction)
Key performance indicator
Responsibility and authority
Improvement
Slide 15
5 Leadership
ISO 9001:2008 C5.1
• 5.1 Leadership and commitment
• 5.1.1 Leadership and commitment with respect to the quality management
system
• Top management shall demonstrate its commitment by
•
•
•
•
•
•
•
•
•
•
Quality policy and objectives are established
Quality policy is understood within organization
Integrity of the QMS
Awareness of process approach
Resources are available
Communicating the importance of conforming to QMS and requirements of goods and services
Supporting persons to contribute to the effectiveness of the QMS
Supporting other management roles
Improvement and innovation
Supporting other management roles
Slide 16
5.2 Quality policy
ISO 9001:2008 C5.3
• Top management shall establish quality policy that
•
•
•
•
Appropriate to the purpose of organization
Provide frame work for setting the objectives
Include commitment to satisfy applicable requirements
Includes commitment to improvement
• Policy shall be documented information
• Communicated within organization
• Available to interested parties as appropriate
• Reviewed
Slide 17
ISO 9001:2008 C 5.5.1 & C5.5.2
5.3 Organization roles , responsibility and
authorities
• Top management shall ensure responsibility and authorities are
assigned and communicated
• Top management shall assign responsibility and authority for
• QMS conforms to the requirements
• Processes are interact and provide the intend output
• Reporting on the QMS performance
• Awareness for customer requirements
No Clear definition for the
MR , however still exist
without any exact
requirements
Slide 18
6 Planning
• 6.1 Actions to address risks and opportunities
• Organization shall consider 4.1 and 4.2 when planning
• Determined risks and opportunities that need to be addressed:
•
•
•
•
•
•
•
•
Assure QMS can achieve its intend outcome
Assure conformity of goods and services and customer satisfaction
Prevent and reduce undesired effect
Achieve improvement
Organization shall plan actions to address these risks and opportunities
Organization shall implement such actions to the QMS
The organization shall evaluate the effectiveness of these actions
Actions taken shall be appropriate for the effect
Slide 19
6.2 Quality Objectives and planning to achieve
them
ISO 9001:2008 C5.4.1
• The organization shall establish quality objectives
• Consistent with policy
• Relevant to conformity of goods and services and customer satisfaction
• Measurable, take into account applicable legal requirements
• Monitored , communicated
• Updated as appropriate
• Documented information
• Determined how shall the organization achieve such objectives
Slide 20
6.3 Planning of change
• Organization shall determined the needs and opportunity to
maintain and improve the QMS
• Organization shall undertake changes
•
•
•
•
Planned systematic manner
Identify risks
Opportunity
Reviewing the potential consequence of change
Simply , evaluate before
implementation
Slide 21
ISO 9001:2008 C6.1 & 6.2& C6.3
7 Support
• 7.1 Resources
• 7.1.1 General
• The organization shall provide resources needed to QMS
• 7.1.2 infrastructure
• Organization shall provide and maintain infrastructure needed for operation
• 7.1.3 process environment
• Organization shall provide the working environment for each process
7.1.4 monitoring and measuring devices
Review from previous ISO
9001:2000
• Organization shall determined the monitoring and measurement devices
• 7.1.5 knowledge
• Knowledge of conformity shall be available
Slide 22
7.2 Competence
ISO 9001:2008 C 6.2
• Organization shall
• Determined the necessary competence of persons
• Ensure persons are competent based on appropriate education, training or
experience
• Where applicable take action to acquire the necessary competence and
evaluate the effectiveness of actions taken
Slide 23
ISO 9001:2008 C 6.1 & C6.2
7.3 Awareness
• Persons doing work under control of organization shall be aware of
• Quality policy
• Relevant quality objective
• Contribution to the effective to management system
• Implication of not conforming with QMS
Slide 24
ISO 9001:2008 C 5.5.3
7.4 Communication
• Organization shall determined the need s for internal and external
communication
Slide 25
7.5 Documented information
ISO 9001:2008 C4.2.3 & C4.2.4
• 7.5.1 General
• Organization QMS shall include:
• Documented information required by the standard
• Documented information required by organization
• 7.5.2 Creating and updating
• Organization shall ensure when creating or updating documented information :
• Identification , description, format, review for approval.
• 7.5.3 control of documented information
• Organization ensure DI are available and suitable when needed and protected
• DI shall be controlled for distribution , access , retrieval , use , preservation , changes and
retention and disposition
• External origin DI shall be identified and controlled
Slide 26
ISO 9001:2008 C 7.1
8 Operation
8.1 Operational planning and control
• Organization shall plan and implement and control processes by determined
actions in 6.1
• Establish criteria for the process
• Implement control of the processes IAW criteria
• DI to give confidence that process carried out as planned
• Organization controlled planed change
• Any process by external providers is controlled
Slide 27
8.2 Determination of market needs and
interactions with customers
ISO 9001:2008 C7.2.1
• 8.2.1 General
• Organization shall implement process to determined customer requirements
• 8.2.2 determination of requirements related to the goods and services
• stated by the customer
• Not stated by the customer
• Legal and other requirements applicable to the goods and services
• any additional requirements
Slide 28
8.2.3 Review of requirements related to the
goods and services
ISO 9001:2008 C7.2.2
• Organization shall review the requirements related to goods and
services before supply
• Results of review shall be DI
• Organization shall ensure requirements where customer doesn't
provide documented statement
• If requirements are changed the organization shall ensure the
implementation is done and relevant person become aware of that
Slide 29
8.2.4 Customer communication
ISO 9001:2008 C7.2.3
• Organization shall determined and implement planned to
communicate with customer in relation to:
• Goods and services
• Enquiries , contract or order
• Customer feed back
• Handling of customer property
• The specific requirements for contingency actions , where relevant
Slide 30
8.3 Operational planning process
ISO 9001:2008 C 7.1
• Organization determined the following as appropriate:
• Requirements for goods and services take into account quality objectives
• Actions to identify and address risks related to goods and services
conformity
• Required recourses
• Acceptance criteria
• Required verification , validation, monitoring, measurement , inspection
and test
• Performance data embellishing and communicated
• Requirements for tractability , preservations , delivery and post delivery
• Output in form suitable to the organization
Slide 31
8.4 Control of external provision of goods
and services
ISO 9001:2008 C7.4.1
• 8.4.1 General
• Organization shall ensure that externally provided goods are conforms with
requirements
• 8.4.2 type and extent of control of external provision
• Types and extent control applied depend up on
• Risks identified and potential impact
• Degree of shared control between organization and providers
• The capability of potential control
• organization shall have criteria for selection , evaluation and reevaluation
• DI for monitoring result
• DI shall provided to provider as appropriate include data about the goods
and services , requirements , provider monitoring , any required verification
Slide 32
8.4.3 Documented information for external
providers
• Documented information shall be provided to the external provider describing
where appropriate:
•
•
•
•
•
•
goods and services to be provided or the process to be performed,
requirements for approval or release
requirements for competence
quality management system requirements,
control and monitoring of the external provider’s performance
any verification activities that the organization, or its customer, intends to perform at
the external provider’s premises
• requirements for handling of external provider’s property provided to the organization.
• Documented information describing on the results of monitoring shall be maintained.
Slide 33
ISO 9001:2008 C7.3 –C7.3.6
8.5 Development of goods and services
• 8.5.1 Development processes
• The organization shall plan and implement processes for the development
of goods and services consistent with the process approach.
• In determining the stages and controls for the development processes, the
organization shall take account of:
•
•
•
•
•
•
•
•
•
nature, duration and complexity
customer, statutory and regulatory requirements
requirements specified by the organization
determined risks and opportunities associated with the development (nature , level
of control and impacts)
internal and external resource,
need for clarity with respect to the responsibilities and authorities
need for the management of the interfaces between individuals and parties
need for involvement of customer groups, the necessary documented information
activities needed to transfer from development to production
Slide 34
8.5.2 Development controls
• The controls applied to the development process shall ensure that
ISO 9001:2008 C7.3-7.3.7
• the result to be achieved by the development activities is clearly defined,
• inputs are defined
• outputs are in a form suitable for subsequent use for production
• problems and issues arising during the development process are resolved
• the planned development processes have been followed,
• goods produced or services provided are fit for purpose,
• appropriate change control is maintained throughout the development
Slide 35
ISO 9001:2008 C7.3.3
8.5.3 Development transfer
• The organization shall ensure that transfer from development to
production or service takes place when customer requirements,
statutory or regulatory requirements are met
Slide 36
8.6 Production of goods and provision of
services
• 8.6.1 Control of production of goods and provision of services
ISO 9001:2008 C7.5.1 & C7.5.2
• The organization shall implement production of goods and provision of
services under controlled conditions. Controlled conditions shall include, as
applicable:
• the availability of documented information, the implementation of controls;
• use of suitable equipment; use of monitoring and measuring devices;
• competence of personnel
• validation and approval, and periodic revalidation, of any process for production
• implementation of goods and services release, delivery and post-delivery activities;
nonconformity due to human error,
Slide 37
8.6.2 Identification and traceability
ISO 9001:2008 C7.5.3
• Where appropriate, the organization shall identify process outputs
by suitable means.
• Where traceability is a requirement, the organization shall control
the unique identification of the process outputs, and maintain it as
documented information.
Slide 38
8.6.3 Property belonging to customers or
external providers.
ISO 9001:2008 C7.5.4
• The organization shall exercise care with property belonging to the
customer or external providers
Slide 39
8.6.4 Preservation of Goods and services
ISO 9001:2008 C7.5.5
• Organization shall ensure preservation of goods and services include
any process output during processing and delivery to the intend
destination in order to meet the requirements
Slide 40
8.6.5 Post delivery activities
• Where applicable , the organization shall determined and meet
ISO 9001:2008 C7.5.1
requirements for post delivery activities associated with the nature
and intended lifetime of the goods and services
• Required shall take into account
• Risks associated with goods and services
• Customer feedback
• Legal and other requirements
Slide 41
8.6.6 control of changes
• The organization shall undertake change in a planned and
ISO 9001:2008 C7.3.7
systematic manner , taking account of the review of the potential
consequences of changes
• Maintain documented information describing the results of review
and the person who authorized the change.
Slide 42
8.7 Release of goods and services
• The organization shall implement the planned activities at
ISO 9001:2008 C8.2.4
appropriate stages to verify that goods and services requirements
have been met. Evidence of conformity with acceptance criteria
shall be maintained.
• All planned arrangement shall be finished before release or by other
authorities
• Documented information shall indicate the person who release the
goods and services
Slide 43
8.8 nonconformity goods and services
• The organization shall ensure that goods and services which do not
ISO 9001:2008 C8.3
conform to requirements are identified and controlled to prevent
their unintended use or delivery that will have a negative impact on
the customer.
• The organization shall take actions to nature of the NCR
• Documented information describing the nature of NCR and any
action taken shall be maintained
Slide 44
9 Performance evaluation
• 9.1 monitoring , measurement , analysis and evaluation
• 9.1.1 General
• the organization shall take into consideration the determined risks and
opportunities and shall:
• Determined what needs to be monitored and measured
• Evaluate the performance of external provider
• Determined the methods for monitoring , measuring , analysis and evaluation as
applicable , to ensure valid results
• Determined when the monitoring and measuring shall be performed
• Determined when the results shall be analyzed
• Determined the QMS indicators needed
• The organization shall maintained appropriate documented
information
• The organization shall evaluate the QMS performance and
effectiveness
Slide 45
9.1.2 Customer satisfaction
ISO 9001:2008 C8.2.1
• The organization shall monitor data relating to customer
perceptions of the degree to which requirements have been met
Slide 46
9.1.3 Analysis and evaluation of data
ISO 9001:2008 C8.4
• The organization shall analyzed and evaluate appropriate data
arising from monitoring , measurement and other relevant sources.
This shall include determination of applicable methods
Slide 47
ISO 9001:2008 C8.2.2
9.2 Internal audit
• The organization shall conduct IA at planned intervals to provide
information on whether the QMS comply with requirements and
effectively implemented
• The organization shall plan establish , implement and maintain audit
program determined taking into account objectives, risks
importance and result of pervious audit
• Take appropriate action without undue delay
• Retain documented information as evidence of implementation of
audit program and the audit results
Slide 48
ISO 9001:2008 C5.6
9.3 Management review
• Top management shall review the organization quality management
system , at planned intervals , to insure its continuing stability ,
adequacy and effectiveness.
• Input to management review
• Output to management review
• Documented information from management review shall be
maintained
Slide 49
10 improvement
ISO 9001:2008 C8.5.2&C8.5.3
• 10.1 NCR and corrective action
• When NCR occurred , the organization shall
• React to the NCR and as applicable and correct it and deal with the consequence
• Evaluate the need for corrective actions or preventive actions
• Implemented actions needed
• Review the effectiveness of any corrective actions taken
• Make changes to QMS if necessary
Slide 50
10.2 improvement
• The organization shall improve the suitability , adequacy and
ISO 9001:2008 C8.5.1
effectiveness of the QMS
• The organization shall QMS processes , goods and services
• The organization shall evaluate , priorities and determined the
improvement to be implemented
Slide 51
Appendix
• The draft include appendix with full definition of the eight quality
principle
• The eight quality principle are the core of the new standard , that is
evident from one of the clauses is one of the eight
principles(leadership)
Slide 52
ISO 9001:2015
Draft
BY
QI organization
June 2014
Slide 2
Introduction
• Purpose of the session
• New standard main elements
• The high structure context
• Review main body of the draft
• The different between the ISO 9001:2008 and CD ISO 9001:2105
Slide 3
Purpose of the session
• To review the new draft for ISO 9001:2015 and discuss the
implementation of the new standard
• To have open discussion and exchange idea about the
implementation requirements in the Egyptian market
• To discuss the required qualification of the auditors and the
consultants
• How to improve the current QMS to comply with the new
requirements
Slide 4
New standard new elements
1.
2.
3.
4.
Scope
Normative references
Terms and definitions
Context of the organization
• Understanding the organization
and its context
• Needs and requirements
• Scope
• Management System
5. Leadership
• General
• Management commitment
• Policy
• Roles, responsibility and
authority
6. Planning
• Actions to address risks &
opportunities
• Objectives and plans to achieve
them
7. Support
• Resources
• Competence
• Awareness
• Communication
• Documented information
8. Operation
• Operational planning and
control
9. Performance evaluation
• Monitoring, measurement,
analysis & evaluation
• Internal audit
• Management review
10. Improvement
• Non conformity and corrective
action
• Continual Improvement
Slide 5
0.1 General
• Brief about the committee draft , the CD version is not the final ISO
9001:2015 standard , the final draft may include or may not include
the given modification
Slide 6
0.2 Annex SL
• Annex SL appendix 2 set out the high level structure , identical core
text and common terms and core definitions that are to form , when
possible , the nucleus of future and revised management system
standard such as ISO 9001.
• All MSS shall , in principle use consistent structure , common text
and terminology so that they are easy to use and compliable with
each other
Slide 7
0.3 significant changes
• Redrafting to make the standard more generic and more easily
applicable by service industries. (product goods & services)
• Context (framework & environment) of organization
•
•
•
•
4.1 understanding the organization and its context
4.2 understanding the needs and expectations of interested parties
4.4.2 Process approach
4.1 Risk and 6.1 preventive action (there is no requirement for formal risk
management)
• Documented information .(document and records documented
information)
• 8.6 Control of external provision of goods and services
Slide 8
1 scope
• Used by organization to demonstrate its ability to provide goods and
services that meets customer and legal and other requirements and
to improve the customer satisfaction as well as the conformity with
legal and other requirements
Slide 9
2 Normative references
• ISO 9000:2015
Slide 10
3 terms and definitions
• Give definitions that apply to the standard about 22 terms , such as
organization ,requirements , policy, objective , documented
information etc.
Slide 11
4 context of the organization
• 4.1 understanding the organization and its context
• Organization Shall
• determined External & internal issues affect to achieve the outcome and
consider :
• Change and trend impacts on objectives
• Relationships with, and perceptions and values of relevant
interested parties
• Governance issues , strategic priorities , internal policies and
commitment
• resource availability and technological change
• Update such determination when needed
Slide 12
4.2 understanding the needs and expectations
of interested parties
• The organization shall determined
• The relevant interested parties such as (direct customer , end-user, supply
chain , regulator and any others)
• The requirements of these interested parties
• Update these needs
Slide 13
4.3 determining the scope of the quality
management system
• The organization shall determined
• Boundary
• Applicability of the QMS
• Requirement of 4.1 and 4.2
• Scope shall be documented information
• Exclusion from the standard only apply to clauses 7.1.4 and 8
• Exclusion shall be documented and justified
Slide 14
4.4 Quality management system
ISO 9001:2008 C4.1
• 4.4.1 general
• The organization shall establish , implement and maintain and improve its
QMS
• 4.4.2 Process approach
• Organization shall determined:
•
•
•
•
•
•
Processes needed, Input , output , resources , control for identified processes
Processes interactions
Risks to conformity (goods, services and in-effective interaction)
Key performance indicator
Responsibility and authority
Improvement
Slide 15
5 Leadership
ISO 9001:2008 C5.1
• 5.1 Leadership and commitment
• 5.1.1 Leadership and commitment with respect to the quality management
system
• Top management shall demonstrate its commitment by
•
•
•
•
•
•
•
•
•
•
Quality policy and objectives are established
Quality policy is understood within organization
Integrity of the QMS
Awareness of process approach
Resources are available
Communicating the importance of conforming to QMS and requirements of goods and services
Supporting persons to contribute to the effectiveness of the QMS
Supporting other management roles
Improvement and innovation
Supporting other management roles
Slide 16
5.2 Quality policy
ISO 9001:2008 C5.3
• Top management shall establish quality policy that
•
•
•
•
Appropriate to the purpose of organization
Provide frame work for setting the objectives
Include commitment to satisfy applicable requirements
Includes commitment to improvement
• Policy shall be documented information
• Communicated within organization
• Available to interested parties as appropriate
• Reviewed
Slide 17
ISO 9001:2008 C 5.5.1 & C5.5.2
5.3 Organization roles , responsibility and
authorities
• Top management shall ensure responsibility and authorities are
assigned and communicated
• Top management shall assign responsibility and authority for
• QMS conforms to the requirements
• Processes are interact and provide the intend output
• Reporting on the QMS performance
• Awareness for customer requirements
No Clear definition for the
MR , however still exist
without any exact
requirements
Slide 18
6 Planning
• 6.1 Actions to address risks and opportunities
• Organization shall consider 4.1 and 4.2 when planning
• Determined risks and opportunities that need to be addressed:
•
•
•
•
•
•
•
•
Assure QMS can achieve its intend outcome
Assure conformity of goods and services and customer satisfaction
Prevent and reduce undesired effect
Achieve improvement
Organization shall plan actions to address these risks and opportunities
Organization shall implement such actions to the QMS
The organization shall evaluate the effectiveness of these actions
Actions taken shall be appropriate for the effect
Slide 19
6.2 Quality Objectives and planning to achieve
them
ISO 9001:2008 C5.4.1
• The organization shall establish quality objectives
• Consistent with policy
• Relevant to conformity of goods and services and customer satisfaction
• Measurable, take into account applicable legal requirements
• Monitored , communicated
• Updated as appropriate
• Documented information
• Determined how shall the organization achieve such objectives
Slide 20
6.3 Planning of change
• Organization shall determined the needs and opportunity to
maintain and improve the QMS
• Organization shall undertake changes
•
•
•
•
Planned systematic manner
Identify risks
Opportunity
Reviewing the potential consequence of change
Simply , evaluate before
implementation
Slide 21
ISO 9001:2008 C6.1 & 6.2& C6.3
7 Support
• 7.1 Resources
• 7.1.1 General
• The organization shall provide resources needed to QMS
• 7.1.2 infrastructure
• Organization shall provide and maintain infrastructure needed for operation
• 7.1.3 process environment
• Organization shall provide the working environment for each process
7.1.4 monitoring and measuring devices
Review from previous ISO
9001:2000
• Organization shall determined the monitoring and measurement devices
• 7.1.5 knowledge
• Knowledge of conformity shall be available
Slide 22
7.2 Competence
ISO 9001:2008 C 6.2
• Organization shall
• Determined the necessary competence of persons
• Ensure persons are competent based on appropriate education, training or
experience
• Where applicable take action to acquire the necessary competence and
evaluate the effectiveness of actions taken
Slide 23
ISO 9001:2008 C 6.1 & C6.2
7.3 Awareness
• Persons doing work under control of organization shall be aware of
• Quality policy
• Relevant quality objective
• Contribution to the effective to management system
• Implication of not conforming with QMS
Slide 24
ISO 9001:2008 C 5.5.3
7.4 Communication
• Organization shall determined the need s for internal and external
communication
Slide 25
7.5 Documented information
ISO 9001:2008 C4.2.3 & C4.2.4
• 7.5.1 General
• Organization QMS shall include:
• Documented information required by the standard
• Documented information required by organization
• 7.5.2 Creating and updating
• Organization shall ensure when creating or updating documented information :
• Identification , description, format, review for approval.
• 7.5.3 control of documented information
• Organization ensure DI are available and suitable when needed and protected
• DI shall be controlled for distribution , access , retrieval , use , preservation , changes and
retention and disposition
• External origin DI shall be identified and controlled
Slide 26
ISO 9001:2008 C 7.1
8 Operation
8.1 Operational planning and control
• Organization shall plan and implement and control processes by determined
actions in 6.1
• Establish criteria for the process
• Implement control of the processes IAW criteria
• DI to give confidence that process carried out as planned
• Organization controlled planed change
• Any process by external providers is controlled
Slide 27
8.2 Determination of market needs and
interactions with customers
ISO 9001:2008 C7.2.1
• 8.2.1 General
• Organization shall implement process to determined customer requirements
• 8.2.2 determination of requirements related to the goods and services
• stated by the customer
• Not stated by the customer
• Legal and other requirements applicable to the goods and services
• any additional requirements
Slide 28
8.2.3 Review of requirements related to the
goods and services
ISO 9001:2008 C7.2.2
• Organization shall review the requirements related to goods and
services before supply
• Results of review shall be DI
• Organization shall ensure requirements where customer doesn't
provide documented statement
• If requirements are changed the organization shall ensure the
implementation is done and relevant person become aware of that
Slide 29
8.2.4 Customer communication
ISO 9001:2008 C7.2.3
• Organization shall determined and implement planned to
communicate with customer in relation to:
• Goods and services
• Enquiries , contract or order
• Customer feed back
• Handling of customer property
• The specific requirements for contingency actions , where relevant
Slide 30
8.3 Operational planning process
ISO 9001:2008 C 7.1
• Organization determined the following as appropriate:
• Requirements for goods and services take into account quality objectives
• Actions to identify and address risks related to goods and services
conformity
• Required recourses
• Acceptance criteria
• Required verification , validation, monitoring, measurement , inspection
and test
• Performance data embellishing and communicated
• Requirements for tractability , preservations , delivery and post delivery
• Output in form suitable to the organization
Slide 31
8.4 Control of external provision of goods
and services
ISO 9001:2008 C7.4.1
• 8.4.1 General
• Organization shall ensure that externally provided goods are conforms with
requirements
• 8.4.2 type and extent of control of external provision
• Types and extent control applied depend up on
• Risks identified and potential impact
• Degree of shared control between organization and providers
• The capability of potential control
• organization shall have criteria for selection , evaluation and reevaluation
• DI for monitoring result
• DI shall provided to provider as appropriate include data about the goods
and services , requirements , provider monitoring , any required verification
Slide 32
8.4.3 Documented information for external
providers
• Documented information shall be provided to the external provider describing
where appropriate:
•
•
•
•
•
•
goods and services to be provided or the process to be performed,
requirements for approval or release
requirements for competence
quality management system requirements,
control and monitoring of the external provider’s performance
any verification activities that the organization, or its customer, intends to perform at
the external provider’s premises
• requirements for handling of external provider’s property provided to the organization.
• Documented information describing on the results of monitoring shall be maintained.
Slide 33
ISO 9001:2008 C7.3 –C7.3.6
8.5 Development of goods and services
• 8.5.1 Development processes
• The organization shall plan and implement processes for the development
of goods and services consistent with the process approach.
• In determining the stages and controls for the development processes, the
organization shall take account of:
•
•
•
•
•
•
•
•
•
nature, duration and complexity
customer, statutory and regulatory requirements
requirements specified by the organization
determined risks and opportunities associated with the development (nature , level
of control and impacts)
internal and external resource,
need for clarity with respect to the responsibilities and authorities
need for the management of the interfaces between individuals and parties
need for involvement of customer groups, the necessary documented information
activities needed to transfer from development to production
Slide 34
8.5.2 Development controls
• The controls applied to the development process shall ensure that
ISO 9001:2008 C7.3-7.3.7
• the result to be achieved by the development activities is clearly defined,
• inputs are defined
• outputs are in a form suitable for subsequent use for production
• problems and issues arising during the development process are resolved
• the planned development processes have been followed,
• goods produced or services provided are fit for purpose,
• appropriate change control is maintained throughout the development
Slide 35
ISO 9001:2008 C7.3.3
8.5.3 Development transfer
• The organization shall ensure that transfer from development to
production or service takes place when customer requirements,
statutory or regulatory requirements are met
Slide 36
8.6 Production of goods and provision of
services
• 8.6.1 Control of production of goods and provision of services
ISO 9001:2008 C7.5.1 & C7.5.2
• The organization shall implement production of goods and provision of
services under controlled conditions. Controlled conditions shall include, as
applicable:
• the availability of documented information, the implementation of controls;
• use of suitable equipment; use of monitoring and measuring devices;
• competence of personnel
• validation and approval, and periodic revalidation, of any process for production
• implementation of goods and services release, delivery and post-delivery activities;
nonconformity due to human error,
Slide 37
8.6.2 Identification and traceability
ISO 9001:2008 C7.5.3
• Where appropriate, the organization shall identify process outputs
by suitable means.
• Where traceability is a requirement, the organization shall control
the unique identification of the process outputs, and maintain it as
documented information.
Slide 38
8.6.3 Property belonging to customers or
external providers.
ISO 9001:2008 C7.5.4
• The organization shall exercise care with property belonging to the
customer or external providers
Slide 39
8.6.4 Preservation of Goods and services
ISO 9001:2008 C7.5.5
• Organization shall ensure preservation of goods and services include
any process output during processing and delivery to the intend
destination in order to meet the requirements
Slide 40
8.6.5 Post delivery activities
• Where applicable , the organization shall determined and meet
ISO 9001:2008 C7.5.1
requirements for post delivery activities associated with the nature
and intended lifetime of the goods and services
• Required shall take into account
• Risks associated with goods and services
• Customer feedback
• Legal and other requirements
Slide 41
8.6.6 control of changes
• The organization shall undertake change in a planned and
ISO 9001:2008 C7.3.7
systematic manner , taking account of the review of the potential
consequences of changes
• Maintain documented information describing the results of review
and the person who authorized the change.
Slide 42
8.7 Release of goods and services
• The organization shall implement the planned activities at
ISO 9001:2008 C8.2.4
appropriate stages to verify that goods and services requirements
have been met. Evidence of conformity with acceptance criteria
shall be maintained.
• All planned arrangement shall be finished before release or by other
authorities
• Documented information shall indicate the person who release the
goods and services
Slide 43
8.8 nonconformity goods and services
• The organization shall ensure that goods and services which do not
ISO 9001:2008 C8.3
conform to requirements are identified and controlled to prevent
their unintended use or delivery that will have a negative impact on
the customer.
• The organization shall take actions to nature of the NCR
• Documented information describing the nature of NCR and any
action taken shall be maintained
Slide 44
9 Performance evaluation
• 9.1 monitoring , measurement , analysis and evaluation
• 9.1.1 General
• the organization shall take into consideration the determined risks and
opportunities and shall:
• Determined what needs to be monitored and measured
• Evaluate the performance of external provider
• Determined the methods for monitoring , measuring , analysis and evaluation as
applicable , to ensure valid results
• Determined when the monitoring and measuring shall be performed
• Determined when the results shall be analyzed
• Determined the QMS indicators needed
• The organization shall maintained appropriate documented
information
• The organization shall evaluate the QMS performance and
effectiveness
Slide 45
9.1.2 Customer satisfaction
ISO 9001:2008 C8.2.1
• The organization shall monitor data relating to customer
perceptions of the degree to which requirements have been met
Slide 46
9.1.3 Analysis and evaluation of data
ISO 9001:2008 C8.4
• The organization shall analyzed and evaluate appropriate data
arising from monitoring , measurement and other relevant sources.
This shall include determination of applicable methods
Slide 47
ISO 9001:2008 C8.2.2
9.2 Internal audit
• The organization shall conduct IA at planned intervals to provide
information on whether the QMS comply with requirements and
effectively implemented
• The organization shall plan establish , implement and maintain audit
program determined taking into account objectives, risks
importance and result of pervious audit
• Take appropriate action without undue delay
• Retain documented information as evidence of implementation of
audit program and the audit results
Slide 48
ISO 9001:2008 C5.6
9.3 Management review
• Top management shall review the organization quality management
system , at planned intervals , to insure its continuing stability ,
adequacy and effectiveness.
• Input to management review
• Output to management review
• Documented information from management review shall be
maintained
Slide 49
10 improvement
ISO 9001:2008 C8.5.2&C8.5.3
• 10.1 NCR and corrective action
• When NCR occurred , the organization shall
• React to the NCR and as applicable and correct it and deal with the consequence
• Evaluate the need for corrective actions or preventive actions
• Implemented actions needed
• Review the effectiveness of any corrective actions taken
• Make changes to QMS if necessary
Slide 50
10.2 improvement
• The organization shall improve the suitability , adequacy and
ISO 9001:2008 C8.5.1
effectiveness of the QMS
• The organization shall QMS processes , goods and services
• The organization shall evaluate , priorities and determined the
improvement to be implemented
Slide 51
Appendix
• The draft include appendix with full definition of the eight quality
principle
• The eight quality principle are the core of the new standard , that is
evident from one of the clauses is one of the eight
principles(leadership)
Slide 52